<!DOCTYPE html>
<html>
  <head>
    <title>XMLHttpRequest: open() - "insecure" methods</title>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <link rel="help" href="https://xhr.spec.whatwg.org/#the-open()-method" data-tested-assertations="following::ol/li[5] following::ol/li[6]" />
  </head>
  <body>
    <div id="log"></div>
    <script>
      function method(method) {
        test(function() {
          var client = new XMLHttpRequest()
          assert_throws_dom("SecurityError", function() { client.open(method, "...") })
        }, document.title + " (" + method + ")")
      }
      method("track")
      method("TRACK")
      method("trAck")
      method("TRACE")
      method("trace")
      method("traCE")
      method("connect")
      method("CONNECT")
      method("connECT")
    </script>
  </body>
</html>
